While everyone is sweating their Ashley Madison account or worried that hackers will take over their car, yet another security risk has been revealed this week — baby monitors.
That’s right. Boston-based computer security firm Rapid7 has released a report exposing 10 new vulnerabilities they found in nine popular internet-connected video baby monitors.
The newly discovered vulnerabilities included features like easily logging in to view data and/or video and being able to access other Wi-Fi enabled devices in the house. See the chart below:
Why does it matter if someone hacks into your system via little Joey or Janie’s baby monitor?
“The results of this research are particularly relevant in light of the growing risk that businesses face as employees accumulate more interconnected devices on their home networks,” Rapid7 writes on its site.
“If key personnel are operating IoT devices on networks that are routinely exposed to business assets, a compromise on an otherwise relatively low-value target – like the video baby monitors covered in this research – can quickly provide a path to compromise of the larger, nominally external, organizational network.”
Rapid7 writes in the report that most of the baby monitor parent companies’ response, or lack of, to their findings was “worrying, and representative of the IoT industry as a whole.”
“You can pay for better features or a better camera, but you can’t really buy security right now,” Mark Stanislav, a senior security consultant who did the testing, told the Wall Street Journal about the hack-proof quality of the baby monitors.
If you’re questioning the safety of your baby monitor, take note: Rapid7 reports that one company was “exemplary” in updating its software and responding to the vulnerabilities’ report: Philips.
You can read the full report here.